It might have been deleted because you might have been falsely saying that he had malware. I really doubt a malware exists specifically to target bitaddress.org (and he could always verify the hash), and it could just be a bug. Also depends on when you posted it. I checked the thread and he said it worked on a portable Firefox version, so it might have been a browser glitch.
I said
The malware is taking control of certain functions bitaddress is using, which means JS functions used by bitaddress. If any other application use those JS functions, same should happen.
It can not be a browser glitch, as browser glitch can not magically generate a postimage link.